Access control systems authorize programs and applications to perform operations, such as authorizing a software package downloaded via the Internet to read, write, or open a file located on a user's computer. Traditionally, access control systems decide whether or not to authorize an operation by referencing an access control list, a look-up list, or the like.
These lists, however, often employ schemas that are fixed and offer few capabilities. These schemas, for example, may do little more than look at a user's identity in deciding whether or not to allow a requested operation. In so doing, they may allow an untrustworthy software package (e.g., the above-mentioned Internet-downloaded software package) to do anything it likes so long as it is running on the user's computer under the user's identity. In such cases the user's identity effectively controls the decision to authorize the package's requested operation.